a civilian approach to fight cyberwar

introducing

OSINT

Shameless Self Promotion

Founder, ClubHack

Mentor, ClubHack Magazine

Awarded as Microsoft Most Valuable Professional 2012 in Enterprise Security. Advisor eGov - Science & Technology park, DST Ex- Head of Technology, Commonwealth Game(s)

rohit11

Agenda for next 30min

What is OSINT

Tools & Tricks

Case Study

Remember, it can save a lot of pain in future

Open Source Intelligence

Nothing to do with Open Source Software though

What is it?

OSINT: Open Source INTelligence Is an information processing discipline that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence.

A lot of information out there

Too much information everywhere !

Sources

Cable Gating is not OSINT, its crime. But wiki leaks is a OS info :D

Never Cross boundaries

Tools & Tricks

Again not a rocket science

Maltego

Tools

LeakedIn

The primary purpose of leakedin.com is to make visitors aware about the risks of loosing data. This blog just compiles samples of data lost or disclosed on sites like pastebin.com.

Tools

LeakedIn

Tools

AnonPaste Monitor

Tools

Tweeter Monitoring

Tools

Facebook Monitoring

Tools

Tools
http://talkback.volvent.org/items.html

More Tools

Metadata : Foca , metagoofil , exiftool Online sites : Shodanhq, Serversniff, netcraft, centralops,
Tools

FF extensions : wappalyzer, Passive recon, Our Own Mantra

Nostradamus

Geographically spread sources of different types and formats

Databases of security services and other law enforcement authorities Mass media articles and other public sources (including the web)

Police reports, recorded at the regional police departments

Nostradamus
Life scan systems

Information from the field on: accidents, incidents, interviews, etc

Tools

Communication records

A complete, powerful analytical tool

Nostradamus

Analysis of Relationships, Graphical visualization of Relationships Detection of Direct and Hidden networks, patterns, trends

GIS Analysis, Space-Time Analysis

Telephone Call Analysis, Contacts Analysis GIS enabled Analysis; Movement & Location Analysis Crime Pattern Analysis, Proactive Analysis Multi-lingual Phonetic & Semantic Search & Query Intelligence Accumulation Completely web-based; includes online & real-time capabilities Automated data capture. IP, GPRS, SMS enabled Structured information access privileges Client side Platform independent. No special requirement w.r.t. the User PC Efficient operations even with low communication capabilities

Tools

Nostradamus
Criminal Intelligence Analytical System

Tools

Case Study

Lord of Dharamaraja

Lords of Dharmaraja

Lords of Dharmaraja

If we have the will...

Thanks

rohit@clubhack.com +91-92-CLUBHACK